Combining High-Level and Low-Level Approaches to Evaluate Software Implementations Robustness Against Multiple Fault Injection Attacks
详细信息    查看全文
  • 作者:Lionel Rivi猫re (17) (18)
    Marie-Laure Potet (19)
    Thanh-Ha Le (17)
    Julien Bringer (17)
    Herv茅 Chabanne (17) (18)
    Maxime Puys (17)

    17. Safran Morpho     ; Paris ; France
    18. T茅l茅com Paristech     ; Paris ; France
    19. Verimag     ; Gi猫res ; France
  • 关键词:Fault injection ; Fault simulation ; Instruction skipping ; Control flow graph ; Multiple fault ; Smartcard ; Embedded systems ; Security
  • 刊名:Lecture Notes in Computer Science
  • 出版年:2015
  • 出版时间:2015
  • 年:2015
  • 卷:8930
  • 期:1
  • 页码:92-111
  • 全文大小:615 KB
  • 参考文献:1. Boneh, D, DeMillo, RA, Lipton, RJ On the importance of checking cryptographic protocols for faults. In: Fumy, W eds. (1997) Advances in Cryptology - EUROCRYPT 鈥?7. Springer, Heidelberg, pp. 37-51 CrossRef
    2. Balasch, J., Gierlichs, B., Verbauwhede, I.: An in-depth and black-box characterization of the effects of clock glitches on 8-bit MCUs. In: Breveglieri, L., Guilley, S., Koren, I., Naccache, D., Takahashi, J. (eds.) FDTC, pp. 105鈥?14. IEEE (2011)
    3. Dehbaoui, A., Dutertre, J.-M., Robisson, B., Tria, A.: Electromagnetic transient faults injection on a hardware and a software implementations of AES. In: Bertoni, G., Gierlichs, B. (eds.) FDTC, pp. 7鈥?5. IEEE (2012)
    4. Skorobogatov, SP, Anderson, RJ Optical fault induction attacks. In: Kaliski, BS, Ko莽, 脟K, Paar, C eds. (2003) Cryptographic Hardware and Embedded Systems - CHES 2002. Springer, Heidelberg, pp. 2-12 CrossRef
    5. Biham, E, Shamir, A Differential fault analysis of secret key cryptosystems. In: Kalisk, BS eds. (1997) Advances in Cryptology - CRYPTO 鈥?7. Springer, Heidelberg, pp. 513-525 CrossRef
    6. Machemie, J.-B., Mazin, C., Lanet, J.-L., Cartigny, J.: SmartCM a smart card fault injection simulator. In: WIFS, pp. 1鈥?. IEEE (2011)
    7. Berthom茅, P., Heydemann, K., Kauffmann-Tourkestansky, X., Lalande, J.-F.: High level model of control flow attacks for smart card functional security. In: ARES, pp. 224鈥?29. IEEE Computer Society (2012)
    8. Christofi, M, Chetali, B, Goubin, L, Vigilant, D (2013) Formal verification of a CRT-RSA implementation against fault attacks. J. Cryptographic Eng. 3: pp. 157-167 CrossRef
    9. Bar-El, H, Choukri, H, Naccache, D, Tunstall, M, Whelan, C (2006) The sorcerer鈥檚 apprentice guide to fault attacks. Proc. IEEE 94: pp. 370-382 CrossRef
    10. Berthier, M, Bringer, J, Chabanne, H, Le, T-H, Rivi猫re, L, Servant, V Idea: embedded fault injection simulator on smartcard. In: J眉rjens, J, Piessens, F, Bielova, N eds. (2014) Engineering Secure Software and Systems. Springer, Heidelberg, pp. 222-229 CrossRef
    11. Potet, M.-L., Mounier, L., Puys, M., Dureuil, L.: Lazart: a symbolic approach for evaluation the robustness of secured codes against control flow fault injection. In: ICST (2014)
    12. King, JC (1976) Symbolic execution and program testing. Commun. ACM 19: pp. 385-394 CrossRef
    13. The KLEE symbolic virtual machine. http://klee.llvm.org/
    14. Cadar, C., Dunbar, D., Engler, D.R.: KLEE: unassisted and automatic generation of high-coverage tests for complex systems programs. In: OSDI, pp. 209鈥?24 (2008)
    15. Christofi, M.: Preuves de s茅curit茅 outill茅es d鈥檌mpl茅mentation cryptographiques. Ph.D. thesis, Laboratoire PRiSM, Universit茅 de Versailles Saint Quentin-en-Yvelines, France (2013)
    16. Uguchi-Cartigny, J., Sere, A.A.-K., Lanet, J.-L.: Carte 脿 puce Java Card : Protection du code contre les attaques en faute (2009)
    17. Folkman, L.: The use of a power analysis for influencing PIN verification on cryptographic smart card. Bakal谩sk pr谩ce, Masarykova univerzita, Fakulta informatiky (2007)
    18. Sauveron, D.: Etude et r茅alisation d鈥檜n environnement d鈥檈xprimentation et de mod茅lisation pour la technologie Java Card : application 脿 la s茅curit茅. Ph.D. thesis, Universit茅 Bordeaux 1- Informatique et Math茅matiques (2004). Th猫se de doctorat dirig茅e par Chaumette, S
    19. van Woudenberg, J.G.J., Witteman, M.F., Menarini, F.: Practical optical fault injection on secure microcontrollers. In: Breveglieri, L., Guilley, S., Koren, I., Naccache, D., Takahashi, J. (eds.) FDTC, pp. 91鈥?9. IEEE (2011)
  • 作者单位:Foundations and Practice of Security
  • 丛书名:978-3-319-17039-8
  • 刊物类别:Computer Science
  • 刊物主题:Artificial Intelligence and Robotics
    Computer Communication Networks
    Software Engineering
    Data Encryption
    Database Management
    Computation by Abstract Devices
    Algorithm Analysis and Problem Complexity
  • 出版者:Springer Berlin / Heidelberg
  • ISSN:1611-3349
文摘
Physical fault injections break security functionalities of algorithms by targeting their implementations. Software techniques strengthen such implementations to enhance their robustness against fault attacks. Exhaustively testing physical fault injections is time consuming and requires complex platforms. Simulation solutions are developed for this specific purpose. We chose two independent tools presented in 2014, the Laser Attack Robustness (Lazart) and the Embedded Fault Simulator (EFS) in order to evaluate software implementations against multiple fault injection attacks. Lazart and the EFS share the common goal that consists in detecting vulnerabilities in the code. However, they operate with different techniques, fault models and abstraction levels. This paper aims at exhibiting specific advantages of both approaches and proposes a combining scheme that emphasizes their complementary nature.

© 2004-2018 中国地质图书馆版权所有 京ICP备05064691号 京公网安备11010802017129号

地址:北京市海淀区学院路29号 邮编:100083

电话:办公室:(+86 10)66554848;文献借阅、咨询服务、科技查新:66554700